Merge 66833201cd into 08a89fbe89

Bump eslint-plugin-jest in the npm-development group (#757 )
Bumps the npm-development group with 1 update: [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest). Updates `eslint-plugin-jest` from 29.1.0 to 29.2.1 - [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases) - [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v29.1.0...v29.2.1) --- updated-dependencies: - dependency-name: eslint-plugin-jest dependency-version: 29.2.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-13 02:42:10 +00:00 · 2025-11-24 09:52:35 -08:00 · 2025-11-24 08:01:16 -08:00 · 2025-11-24 08:00:44 -08:00 · 2025-11-24 07:59:04 -08:00 · 2025-11-15 19:48:00 +01:00
7 changed files with 12 additions and 12 deletions
--- a/.github/workflows/check-dist.yml
+++ b/.github/workflows/check-dist.yml
@ -28,7 +28,7 @@ jobs:
    steps:
      - name: Checkout
        id: checkout
-        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0

      - name: Setup Node.js
        id: setup-node
@ -60,7 +60,7 @@ jobs:
      - if: ${{ failure() && steps.diff.outcome == 'failure' }}
        name: Upload Artifact
        id: upload
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
        with:
          name: dist
          path: dist/
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -21,7 +21,7 @@ jobs:
    steps:
      - name: Checkout
        id: checkout
-        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0

      - name: Setup Node.js
        id: setup-node
@ -57,7 +57,7 @@ jobs:
    steps:
      - name: Checkout
        id: checkout
-        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
      - name: Run attest-provenance
        id: attest-provenance
        uses: ./
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@ -32,7 +32,7 @@ jobs:
    steps:
      - name: Checkout
        id: checkout
-        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0

      - name: Initialize CodeQL
        id: initialize
--- a/.github/workflows/prober.yml
+++ b/.github/workflows/prober.yml
@ -42,7 +42,7 @@ jobs:
          gh attestation verify ./artifact --owner "$GITHUB_REPOSITORY_OWNER"

      - name: Upload build artifact
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
        with:
          path: "artifact"

--- a/README.md
+++ b/README.md
@ -312,7 +312,7 @@ artifact directly into the `subject-digest` input of the attestation action.

 [1]: https://github.com/actions/toolkit/tree/main/packages/attest
 [2]: https://github.com/in-toto/attestation/tree/main/spec/v1
-[3]: https://slsa.dev/spec/v1.0/provenance
+[3]: https://slsa.dev/spec/v1.1/provenance
 [4]: https://www.sigstore.dev/
 [5]: https://cli.github.com/manual/gh_attestation_verify
 [6]:
--- a/package-lock.json
+++ b/package-lock.json
@ -19,7 +19,7 @@
        "@vercel/ncc": "^0.38.4",
        "eslint": "^9.39.1",
        "eslint-plugin-import": "^2.32.0",
-        "eslint-plugin-jest": "^29.1.0",
+        "eslint-plugin-jest": "^29.2.1",
        "jest": "^30.2.0",
        "jose": "^5.9.6",
        "markdownlint-cli": "^0.46.0",
@ -3982,9 +3982,9 @@
      }
    },
    "node_modules/eslint-plugin-jest": {
-      "version": "29.1.0",
-      "resolved": "https://registry.npmjs.org/eslint-plugin-jest/-/eslint-plugin-jest-29.1.0.tgz",
-      "integrity": "sha512-LabxXbASXVjguqL+kBHTPMf3gUeSqwH4fsrEyHTY/MCs42I/p9+ctg09SJpYiD8eGaIsP6GwYr5xW6xWS9XgZg==",
+      "version": "29.2.1",
+      "resolved": "https://registry.npmjs.org/eslint-plugin-jest/-/eslint-plugin-jest-29.2.1.tgz",
+      "integrity": "sha512-0WLIezrIxitUGbjMIGwznVzSIp0uFJV0PZ2fiSvpyVcxe+QMXKUt7MRhUpzdbctnnLwiOTOFkACplgB0wAglFw==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
--- a/package.json
+++ b/package.json
@ -80,7 +80,7 @@
    "@vercel/ncc": "^0.38.4",
    "eslint": "^9.39.1",
    "eslint-plugin-import": "^2.32.0",
-    "eslint-plugin-jest": "^29.1.0",
+    "eslint-plugin-jest": "^29.2.1",
    "jest": "^30.2.0",
    "jose": "^5.9.6",
    "markdownlint-cli": "^0.46.0",
Author	SHA1	Message	Date
Juan Torrente	bc78583e3a	Merge `66833201cd` into `08a89fbe89`	2025-11-24 09:52:35 -08:00
dependabot[bot]	08a89fbe89	Bump eslint-plugin-jest in the npm-development group (#757 ) Some checks failed Check Transpiled JavaScript / Check dist/ (push) Failing after 24s Details Continuous Integration / TypeScript Tests (push) Failing after 3s Details Continuous Integration / Test attest-provenance action (push) Failing after 2s Details CodeQL / Analyze (TypeScript) (push) Failing after 15s Details Public-Good Sigstore Prober / prober (push) Failing after 3s Details GitHub Sigstore Prober / prober (push) Failing after 1s Details Bumps the npm-development group with 1 update: [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest). Updates `eslint-plugin-jest` from 29.1.0 to 29.2.1 - [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases) - [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v29.1.0...v29.2.1) --- updated-dependencies: - dependency-name: eslint-plugin-jest dependency-version: 29.2.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-development ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-11-24 08:01:16 -08:00
dependabot[bot]	b92f224bf5	Bump actions/checkout from 5.0.1 to 6.0.0 (#756 ) Bumps [actions/checkout](https://github.com/actions/checkout) from 5.0.1 to 6.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](`93cb6efe18...1af3b93b68`) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-11-24 08:00:44 -08:00
dependabot[bot]	a6fede4d5d	Bump actions/upload-artifact from 4 to 5 (#755 ) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4 to 5. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-11-24 07:59:04 -08:00
jtrt	66833201cd	Merge branch 'main' into patch-1	2025-11-15 19:48:00 +01:00
jtrt	6f67755961	Merge branch 'main' into patch-1	2025-10-14 11:48:05 +02:00
jtrt	a9ca3860c2	Merge branch 'main' into patch-1	2025-09-13 11:34:47 +02:00
jtrt	a371d9965d	Update README.md: Bump SLSA doc version to 1.1	2025-09-11 09:54:03 +02:00